White, Daniel E. (GSFC-770.0)[NICS]: > How do I stop junk like… > > HELO example.com > > … without having to create a huge "check_helo_access" table ?
(This is not a general answer but perhaps interesting still.) SPF validation (RFC 7208) can also be applied to a HELO name, which is useful with a negative result. The domain example.com does in fact have an SPF policy, so given an SPF milter or similar you can reject such clients right away. I handle such attempts on my host with some frequency: Nov 20 21:26:38 mail spf-milter[4480]: example.com (helo): fail Nov 23 22:38:29 mail spf-milter[4480]: example.com (helo): fail Nov 26 11:45:23 mail spf-milter[4480]: example.com (helo): fail
